Working from Home: Digital Security

Now that many small businesses have settled in to a new way of working, with many staff working from home, it is a good time to consider digital security; a time to look at backup plans to ensure data access, protection and retrieval. You will need to consider security measures for your employees’ home or remote networks. If an employee connects to an unsecured Wi-Fi network, your data and information may be exposed to cyber threats. While a few employees may be able to complete some work directly from a laptop or computer, most will need access to your systems to complete their tasks. Here are some points to consider:

  • Do these employees need VPN access?
  • Do you have enough licenses for everyone who needs to log in?
  • Do your employees know how to connect?
  • Do they know who to contact if they have connectivity or software issues?
  • For those who need access to files and systems, do they have an appropriate access level?
  • Have your employees been trained in how to handle potential sensitive or protected information they access while off-site?
  • Can your network handle an unusually high volume of simultaneous traffic created by employees working remotely during a disruption?

General Backup Plan

Isolate sensitive information

  • Identify where sensitive information is stored/processed
  • Identify the means to back up sensitive information
  • Determine the means to prioritise high level, sensitive, and important information on recovery

Back up important business data

  • Identify important business data on desktops and mobile devices
  • Working files
  • Emails or other recorded business communications (chat/phone calls)
  • Invoices
  • Tax/financial information
  • Employee and customer records
  • Identify backup points and replication targets
  • Identify backup and disaster budget

Protect hard copy data

  • Identify important documents saved as hard copies
  • Contracts with suppliers or customers
  • Employee information
  • Tax or financial information
  • Ensure documents are kept in safe places – and ensure digital copies exist

With Australians working, studying, shopping and socialising online during the COVID-19 crisis, scammers are increasing their efforts to steal people’s personal or financial details. Similarly, scammers are using people’s reliance on connectivity at this time to mislead them into thinking that their NBN service will be disconnected if they do not provide a “technician” with online access to their computer.

NBN Co’s Top Tips

Top Tips for Working Securely at Home

  • Protect your work laptop or devices by not leaving them unattended in unsecure areas and locking the screen when you are away from the device.
  • Do not allow family to use your work devices or passwords as they could accidentally erase or modify important work information, or unknowingly infect your device.
  • Protect your home wireless network with a password and change the default administrator password on your home router using the instruction guide for your router.
  • Never reuse passwords – if one site is compromised then others are too. Consider a password manager if you are finding it complicated to keep track of your passwords.
  • Devices should never be left where others can see them (e.g. inside a car if you decide to duck down to the shops, or visible within a room if someone is walking past a window at street level.)
  • Shred documents to dispose them securely. If you do not have access to a shredder, store the documents safely until you can return them to work and dispose of them in secure bins.
  • It is best to avoid using free Wi-Fi hotspots for work-related business. These are often unsecured and the data you transmit can be snooped on by others.
  • If possible, enable multi-factor authentication (MFA) whenever possible. MFA uses your password, but also adds a second step, such as a code sent to your phone or an app that generates the code for you as an extra layer of security.
  • Keep personal information safe by installing the latest software and updating app to protect your personal devices from the latest threats.

Top Tips for Protecting Against Scammers

Visit NBN Co’s website at www.nbn.com.au/scamadvice for information on how to identify and avoid potential scammers or for advice if you suspect you have been scammed.

  • Remember nbn will never call and ask to access your computer or advise that you are going to be disconnected. NBN Co is a wholesaler, which means it does not sell phone or internet services directly to the public. People need to contact their preferred phone and internet provider to make the switch.
  • Never give an unsolicited caller remote access to your computer or devices via the installation of programs, such as Team Viewer.
  • NBN Co does not make automated calls, such as robocalls, to advise of disconnections to nbn or existing copper phone line services. Do not engage with these calls.
  • Do not share your financial information (i.e. bank, credit card or gift card details) or personal details with an unsolicited caller or door knockers trying to seek payment for an nbn™ service.
  • If in doubt, hang up and call your retail service provider on their official customer service centre number to check if the call is legitimate. Do not use contact details supplied by the caller.